AWS Network Firewall Firewall Policy

This page shows how to configure an AWS Network Firewall Firewall Policy in Terraform and CloudFormation, and how to write that configuration securely.

aws_networkfirewall_firewall_policy (Terraform)

The Firewall Policy in Network Firewall can be configured in Terraform with the resource name aws_networkfirewall_firewall_policy. The following sections describe 4 examples of how to use the resource and its parameters.

Example Usage from GitHub

firewall.tf#L1
resource "aws_networkfirewall_firewall_policy" "test-firewall-policy" {
  name = "test-aws-network-firewall-policy"
  firewall_policy {
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:pass"]
    stateless_rule_group_reference {

firewall.tf#L21
resource "aws_networkfirewall_firewall_policy" "this" {
  name        = local.name
  description = "allow domain list"
  firewall_policy {
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:forward_to_sfe"]

network_firewall.tf#L99
resource "aws_networkfirewall_firewall_policy" "this" {
  name = "firewallPolicy"

  firewall_policy {
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:forward_to_sfe"]

10_111_0_0_fw.tf#L14
resource "aws_networkfirewall_firewall_policy" "default" {
  name = "transit-gateway-centralized-east-west-net-fw"

  firewall_policy {
    stateless_default_actions          = ["aws:forward_to_sfe"]

Parameters

Explanation in Terraform Registry

Provides an AWS Network Firewall Firewall Policy Resource
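
A complete policy for reference, since the excerpts above are cut off: this is an added example, not code from the listed repositories or the Terraform Registry, and the resource names, capacity and domain are placeholders. It forwards fragments to the stateful engine (the first excerpt sets aws:pass for them, which admits fragments without stateful inspection) and drops established flows that no stateful rule passes.

```hcl
# Added example; resource names, capacity and the domain are placeholders.

# Stateful rule group: allow only listed domains (HTTP Host header / TLS SNI).
resource "aws_networkfirewall_rule_group" "egress_allowlist" {
  name     = "example-egress-allowlist"
  type     = "STATEFUL"
  capacity = 100

  rule_group {
    # Must match the rule order set on the policy below.
    stateful_rule_options {
      rule_order = "STRICT_ORDER"
    }

    rules_source {
      rules_source_list {
        generated_rules_type = "ALLOWLIST"
        target_types         = ["HTTP_HOST", "TLS_SNI"]
        targets              = [".example.com"]
      }
    }
  }
}

resource "aws_networkfirewall_firewall_policy" "example" {
  name        = "example-firewall-policy"
  description = "Forward all traffic to the stateful engine; drop what no rule passes"

  firewall_policy {
    # Send every packet, fragments included, to the stateful engine
    # instead of passing it unexamined at the stateless layer.
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:forward_to_sfe"]

    stateful_engine_options {
      rule_order = "STRICT_ORDER"
    }

    # Applies when no stateful rule matched: drop and raise an alert.
    stateful_default_actions = ["aws:drop_established", "aws:alert_established"]

    stateful_rule_group_reference {
      priority     = 1
      resource_arn = aws_networkfirewall_rule_group.egress_allowlist.arn
    }
  }
}
```

The alert action only produces records once a logging configuration is attached to the firewall that uses this policy.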

AWS::NetworkFirewall::FirewallPolicy (CloudFormation)

The FirewallPolicy in NetworkFirewall can be configured in CloudFormation with the resource name AWS::NetworkFirewall::FirewallPolicy. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

Explanation in CloudFormation Registry

Use the AWS::NetworkFirewall::FirewallPolicy to define the stateless and stateful network traffic filtering behavior for your AWS::NetworkFirewall::Firewall. You can use one firewall policy for multiple firewalls.

Frequently asked questions

What is AWS Network Firewall Firewall Policy?

AWS Network Firewall Firewall Policy is a resource for Network Firewall of Amazon Web Services. Settings can be written in Terraform and CloudFormation.

Where can I find the example code for the AWS Network Firewall Firewall Policy?

For Terraform, the toddlers/aws-network-firewall-workflow, pete911/eks-cluster and keithrozario/firewall_egress source code examples are useful. See the Terraform Example section for further details.